dtgreene: Not entirely true. Sometimes, when a piece of software (or hardware!) has a bug, and that bug hasn't been fixed, the original distributor does suggest a workaround.

For example, when there is a security flaw that hasn't been patched, sometimes there is a way to mitigate or eliminate the danger. For example, when Heartbleed was a threat, the risk could be eliminated by recompiling OpenSSL without TLS heartbeat support (which happens to be easy for the end user to do on Gentoo GNU/Linux, but not so easy on other distributions).

Another example: I mentioned hardware. Well, sure enough, there are plenty of errata issued for modern CPUs; quite often, a kernel will need to add extra code to work around such issues. One famous example was the Pentium FDIV flaw; certain division operations would give incorrect results.

rtcvb32: Maybe i should have said commercial or proprietary products. OpenSSL and Linux (or open source/free software) where you actually could fix it yourself or compile and fix offending sections and improve the software isn't really what I'd qualify towards my statement.

Although a company that does acknowledging a problem exists isn't the same as supporting it. Wasn't there a recent cease & desist sent out for a large game (Dark Souls 2 maybe?) where a workaround was censored out by the devs?

dtgreene: Intel CPUs count as commercial and proprietary, as do ARM CPUs, and yet there's tons of errata issued for them.